SSH Reverse Tunnel

Curious how SSH tunneling works and how to set up reverse SSH tunneling to get around firewall restrictions?

Psychz - Amol

Votes: 0
Posted On: Feb 26, 2018 05:43:44

Hi!

Through this article, we will try to explain how SSH tunneling works and the different types of SSH tunneling.

There are different services on a server listening on different ports. But often these ports are closed to any incoming traffic due to security issues. You can access these ports through the SSH connection, which listens on port 22.

SSH tunneling (port forwarding) is the process of connecting local and remote ports through an SSH connection. Let us assume that you are trying to connect to a remote port but a firewall is blocking any incoming connection to the remote host. If you try to connect to the port directly, you will not be able to do so. However, you can connect to the remote server through the SSH server. Through port forwarding, you can access the port via the SSH connection.

SSH port forwarding can be done in two ways. Either the local port can make a request to access the remote port through SSH, or the remote port can connect to the local port through the SSH tunnel. The former is called local port forwarding and the latter remote port forwarding or reverse port forwarding.

Local Port Forwarding

It is the most common type of port forwarding. In this type of port forwarding, the local port tries to connect to the remote port via the SSH connection. For instance, if you want to access a website but its HTTP port (8080) is blocked by a firewall, your local HTTP port can request to access the remote port through SSH. The format of the SSH command is given below.

ssh -L 80:www.abc.com:8080 user@<remote IP address>

- The "-L" option is used for Local Port Forwarding.
- 80 is the HTTP port at the localhost.
- www.abc.com is the website you are trying to connect to.
- 8080 is the remote HTTP port.

Reverse or Remote Port Forwarding

Remote port forwarding is a less common type of port forwarding. This is because it implies that the remote server tries to access programs of the local machine through SSH. In this type, the connections from the remote SSH server are forwarded via the SSH client, then to a local machine.

For instance, you want the remote HTTP port to forward all the requests to the local server. You can do so with the help of reverse port forwarding. When you send a remote port forwarding request, the SSH tunnel is set up through which the remote server sends the requests meant for its HTTP port to the localhost.

You can use Remote Port Forwarding with the help of the following command.

ssh -R 8080:localhost:80 user@<destination IP address>

- The "-R" option is used for Remote Port Forwarding.
- 8080 is the local port.
- 80 is the remote port.
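
An added example, not part of the original post: a small POSIX shell helper that splits the forwarding spec passed to -L or -R and reports, per ssh(1), which SSH endpoint opens the listening port and which endpoint makes the onward connection. The function name describe_forward is hypothetical; bracketed IPv6 addresses and socket-path specs are not handled.

```shell
#!/bin/sh
# Added example (not from the original post). describe_forward is a
# hypothetical helper name. Spec form handled: [bind_address:]port:host:hostport

describe_forward() {
    flag=$1
    spec=$2
    set -f                      # no globbing while splitting (bind may be "*")
    old_ifs=$IFS; IFS=:
    set -- $spec
    IFS=$old_ifs
    set +f
    case $# in
        3) bind=loopback; lport=$1; host=$2; hport=$3 ;;
        4) bind=${1:-*};  lport=$2; host=$3; hport=$4 ;;
        *) echo "error: expected [bind_address:]port:host:hostport"; return 1 ;;
    esac
    case "$lport:$hport" in
        :*|*:|*[!0-9:]*) echo "error: ports must be numeric"; return 1 ;;
    esac
    [ -n "$host" ] || { echo "error: empty destination host"; return 1; }
    # -L: the client opens the listener, the server makes the onward connection.
    # -R: the server opens the listener, the client makes the onward connection.
    case $flag in
        -L) listener="SSH client"; connector="SSH server" ;;
        -R) listener="SSH server"; connector="SSH client" ;;
        *)  echo "error: flag must be -L or -R"; return 1 ;;
    esac
    printf '%s: %s listens on %s:%s; %s connects to %s:%s\n' \
        "$flag" "$listener" "$bind" "$lport" "$connector" "$host" "$hport"
    # Binding a port below 1024 normally requires root on the listening side.
    if [ "$lport" -lt 1024 ]; then
        echo "note: port $lport is privileged on the $listener"
    fi
}

# The two forwarding specs used in the article's commands.
describe_forward -L 80:www.abc.com:8080
describe_forward -R 8080:localhost:80
```

For -R, sshd binds the listener to the loopback interface unless its GatewayPorts option allows otherwise, so by default the forwarded port is reachable only from the SSH server itself.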